Did you know?
The Measures for the Supervision and Administration of Online Transactions (网络交易监督管理办法) (“Measures”) released by the PRC State Administration for Market Regulation will come into force on 1 May 2021 and will replace the previous rules implemented in 2014. Among other things, the Measures impose more stringent requirements against the common practice of “bundled consent”. This is in line with the recent legislative and enforcement trends in the area of data privacy in China.
Why does this matter to you?
The Measures indicate that market regulators are increasing their oversight of internet businesses and their practices. Businesses often wish to simplify the process for seeking customers’ consent, such as minimising the number of “clicks” required, before allowing them to use their online services. However, such practices may be regarded as seeking “bundled consent”.
Restrictions against “bundled consent” are not new; for instance, the Personal Information Security Specification (GB/T 35273-2020) and the Guide to the Self-Assessment of Illegal Collection and Use of Personal Information by Apps already regulate consent to collection and processing of different types of personal data, or consent to subscription of multiple business functions. The rationale is that individuals should be given autonomy and flexibility to decide the types of personal data to be provided and how such data will be processed.
In further tackling the problem, the Measures require that:-
The Measures apply to online transactions conducted via social media platforms and live streaming campaigns. Online businesses are recommended to review their existing practice in light of the rapid regulatory developments. Please feel free to contact us if you have any questions.